Skip Ribbon Commands
Skip to main content

Ondrej Sevecek's English Pages


Comments: Securing RDWEB with ADFS

Engineering and troubleshooting by Directory Master!
MCM: Directory

Sorry comments are disable due to the constant load of spam



Securing RDWEB with ADFS


Martin Matuska


Hi Ondrej,

I have tried to secure RDWEB with Reverse Proxy. As the RDWEB does not support claims by design, I try to configure NON-CLAIMS APPs on ADFS and set KDC delegation in AD from WAP to Broker. (In my setup is broker / web / gw on the same VM). The reason is I don't want to login twice (ADFS and RDWEB)

When I set SPN for rdweb to computeraccount, everything works. When I tried to run RDWEB not under ApplicationPoolIdentity but under particular user (and preregister SPN from computer to that user) I have got issue with preauthentication. When I bypass WAP, everything works. With ADFS preauth. I am getting error 500:

DOM7011: The code on this page disabled back and forward caching.

Do you have Idea, what can be wring / did you ever try your setup secure with WAP + ADFS?

BTW: On MS I found some howtos, but I did not get point, why they are setting up Claims relaying party trust when claims are not supported on RDWEB.


Created at 14/02/2017 14:34 by  
Last modified at 14/02/2017 14:34 by